Abstract
In this work, we compare the performance of a passive eavesdropper in 802.11b/n/ac WLAN networks. In particular, we investigate the downlink of 802.11 networks in infrastructure mode (e.g., from an access point to a terminal) using Commercial-Off-The-Shelf (COTS) devices. Recent 802.11n/ac amendments introduced several physical and link layer features, such as MIMO, spatial diversity, and frame aggregation, to increase the throughput and the capacity of the channel. Several information-theoretical studies state that some of those 802.11n/ac features (e.g., beamforming) should degrade the performance of a passive eavesdropper. However, the real impact of those features has not yet been analyzed in a practical context and experimentally evaluated. We present a theoretical discussion and a statistical analysis (using path loss models) to estimate the effects of such features on a passive eavesdropper in 802.11n/ac, using 802.11b as a baseline. We use Signal-to-Noise Ratio (SNR) and Packet Error Rate (PER) as our main metrics. We compute lower and upper bounds for the expected SNR difference between 802.11b and 802.11n/ac using high-level wireless channel characteristics. We show that the PER in 802.11n/ac increases up to 98% (compared to 802.11b) at a distance of 20 m between the sender and the eavesdropper. To obtain a PER of 0.5 in 802.11n/ac, the attacker’s maximal distance is reduced by up to 129.5 m compared to 802.11b. We perform an extensive set of experiments, using COTS devices in an indoor office environment, to verify our theoretical estimations. The experimental results validate our predicted effects and show that every amendment adds extra resiliency against passive COTS eavesdropping.
Notes
1. In this work we always use the word antennas rather than antennae.
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Antonioli, D., Siby, S., Tippenhauer, N.O. (2018). Practical Evaluation of Passive COTS Eavesdropping in 802.11b/n/ac WLAN. In: Capkun, S., Chow, S. (eds) Cryptology and Network Security. CANS 2017. Lecture Notes in Computer Science, vol 11261. Springer, Cham. https://doi.org/10.1007/978-3-030-02641-7_19
DOI: https://doi.org/10.1007/978-3-030-02641-7_19
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02640-0
Online ISBN: 978-3-030-02641-7
eBook Packages: Computer Science, Computer Science (R0)